Skip to main content

Configuration snafu exposes passwords for two million marijuana growers

posted onNovember 3, 2020
by l33tdawg
ZDNet
Credit: ZDNet

GrowDiaries, an online community where marijuana growers can blog about their plants and interact with other farmers, has suffered a security breach in September this year.

The breach occurred after the company left two Kibana apps exposed on the internet without administrative passwords. Kibana apps are normally used by a company's IT and development staff, as the app allows programmers to manage Elasticsearch databases via a simple web-based visual interface.

Due to its native features, securing Kibana apps is just as important as securing the databases themselves. But in a report published today on LinkedIn, Bob Diachenko, a security researcher known for discovering and reporting unsecured databases, said GrowDiaries failed to secure two of its Kibana apps, which appear to have been left exposed online without a password since September 22, 2020.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th